|
Patient Privacy Compliance -- WPS Health
Insurance Wants You to be Prepared
April 17, 2003 -- Monday, April
14, health care consumers began to experience a new set of privacy
rules that are the result of growing concerns about personal information
floating around the electronic universe. WPS Health Insurance wants
members to understand how important these changes are and that WPS
is prepared for the new privacy rules.
As of Monday, most health insurance carriers, clinics,
hospitals and other businesses that handle individuals' medical
records must comply with the 1996 Health Insurance Portability and
Accountability Act (HIPAA).
HIPAA has been called the biggest and most complicated
health care law since Medicare.
"WPS has always respected the privacy of its
customers and has gone to great lengths to protect that," said
Brad Trudell, WPS Privacy Compliance Officer. "HIPAA ensures
that every healthcare consumer regardless of insurance carrier,
receives an incredibly high level of privacy."
Because the Privacy Rule limits how WPS may disclose
Protected Health Information (PHI), customers will experience some
changes when they contact WPS. The general rule is that adult plan
members will be able to call in and discuss their own health information
(except for diagnosis and procedure codes), but not that of any
other family member. Parents will generally be able to discuss the
health information of their minor children. WPS will need a signed
authorization from the spouse or child over 18 years of age before
the company can disclose their PHI to the participant. All those
insured by WPS are receiving a letter outlining these changes.
If you are a WPS Web site Customer Corner member,
you will notice some changes to this area, as you will only be able
to see your information and that of your minor dependents. All other
adults on the plan will need to set up their own accounts.
To help insured groups and agents understand the
HIPAA requirements, WPS is conducting face-to-face training sessions.
"It's important we provide a resource to the people who rely
on WPS Health Insurance for their health insurance needs,"
said Trudell. WPS has been meeting with groups and agents in the
Eau Claire, Wausau, Madison, Milwaukee and Appleton areas.
HIPAA Privacy Rule -- Frequently Asked
Questions
| Q: |
What does the HIPAA Privacy Rule do? |
| A: |
The HIPAA Privacy Rule for the first time
creates national standards to protect individuals' medical records
and other personal health information |
| |
- It gives patients more control over their health information
- It sets boundaries on the use and release of health records
- It establishes appropriate safeguards that health care
providers and others must achieve to protect the privacy
of health information
- It holds violators accountable with civil and criminal
penalties that can be imposed if they violate patients'
privacy rights
- It strikes a balance when public responsibility supports
disclosure of some forms of data -- for example, to protect
public health
|
| Q: |
What does the HIPAA Privacy Rule mean
for patients? |
| A: |
It means patients must make informed choices
when seeking care and reimbursement for care based on how personal
health information may be used |
| |
- It enables patients to find out how their information
may be used, and about certain disclosures of their information
that have been made
- It generally limits release of information
- It generally gives patients the right to examine and receive
a copy of their own health records and request corrections
|
| Q: |
Who has to comply? |
| A: |
All healthcare organizations. This includes
all health care providers: physician offices, health plans,
employers, public health authorities, life insurers, clearinghouses,
billing agencies, information systems vendors, service organizations,
and universities.
|
| Q: |
What does the HIPAA Privacy Rule require
a health plan or provider to do? |
| A: |
The Privacy Rule requires health plans or
providers to: |
| |
- Notify patients about their privacy rights and how their
information can be used
- Adopt and implement privacy procedures for its practice,
hospital, or plan
- Train employees so that they understand the privacy procedures
- Designate an individual to be responsible for seeing that
the privacy procedures are adopted and followed
- Secure patient records containing individually identifiable
health information so they are not readily available to
those who do not need them
|
| Q: |
What is HIPAA? |
| A: |
It's the Health Insurance Portability &
Accountability Act of 1996, which amends the Internal Revenue
Service Code of 1986. It is also known as the Kennedy-Kassebaum
Act. Title II includes a section, Administrative Simplification,
requiring: |
| |
- Improved efficiency in health care delivery by standardizing
electronic data interchange, and protection of confidentiality
and security of health data through setting and enforcing
standards
- Standardization of electronic patient health, administrative
and financial data
- Unique health identifiers for individuals, employers,
health plans and health care providers
- Security standards protecting the confidentiality and
integrity of "individually identifiable health information,"
past, present or future
|
|
